IOT SECURITY: MODELING DEVELOPMENT AND VALIDATION OF IOT TECHNOLOGY

Abstract

Modern design and development practices advocates including security as early as possible in the overall IoT engineering strategy. Tuning products late in the product cycle is costly due to changes rippling across components, so it is cheaper to fix errors early in the design and development phase. Security underscores this principle. It is more cost effective to integrate security protections into a product than it is to patch vulnerabilities. In the secure design of the IoT, the research focuses on integrity and availability security principles. The research establishes a methodology and tool for modeling and describing functionality and security of an IoT device. The Framework allows the secure modeling, design, and validation of functional requirements, security requirements, specification, and constraints by defining a methodology and developing a validation tool using a software engineering and digital twin prototyping concepts. The research methodology is investigated by demonstrating proposed framework on a case study IoT device, the Temperature LED Indicator, and a commercial-grade IoT device, and a Sonoff BASIC R3 WiFi switch. The deliverables of the research are the description of the IoT device, the IoT device, an emulator and a verification and validation tool. The verification and validation tool to verify the IoT device functions according to specification during normal operation and goes out of specification during a cyber-attack.